For users of cryptographically protected accounts, and other electronic accounts, loss of passwords or private keys resulting in loss of account access or control is a common problem. For account providers, it is important to provide a mechanism for users to recover accounts in order to promote user trust and mass adoption.
Existing mechanisms for account recovery do not offer trustless, distributed operation. Many existing mechanisms rely on keeping additional records or trusting a centralized service to prove identity. For example, making a back-up of the private key may be insecure and depends on the user, who may forget to create or lose the back-up; designating a second recovery account relies on provider of second account and may disclose identity; or designating identity verification questions relies on the provider of questions and may be brute-forced or socially engineered. These mechanisms may be unreliable, may rely on trusting a single source of truth, or may not work in a distributed system.
A trustless, decentralized account recovery mechanism may be beneficial as a replacement for or complement to existing mechanisms. For example, in blockchain based accounts, which are natively designed to be trustless and decentralized, existing mechanisms may compromise the benefits of the blockchain based accounts. In another example, traditional, centralized accounts may also benefit by using a trustless, decentralized mechanism in combination with existing mechanisms.